Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

151 advisories

Loading
libpg_query memory leak High
CVE-2018-18482 was published for pg-query (pip) May 13, 2022
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL... High Unreviewed
CVE-2019-3821 was published May 13, 2022
Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion High
CVE-2024-49769 was published for waitress (pip) Oct 29, 2024
djay d-maurer
digitalresistor
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated... High Unreviewed
CVE-2023-1150 was published Jun 26, 2023
OpenStack Neutron Denial of Service vulnerability High
CVE-2021-40797 was published for neutron (pip) May 24, 2022
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to... High Unreviewed
CVE-2023-36533 was published Aug 8, 2023
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption)... High Unreviewed
CVE-2019-18214 was published May 24, 2022
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls... High Unreviewed
CVE-2018-21028 was published May 24, 2022
A failure to free memory can occur when processing messages having a specific combination of EDNS... High Unreviewed
CVE-2018-5744 was published May 24, 2022
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. High Unreviewed
CVE-2019-17183 was published May 24, 2022
A service worker can send the activate event on itself periodically which allows it to run... High Unreviewed
CVE-2018-5179 was published May 24, 2022
Missing Release of Resource after Effective Lifetime in Apache Tomcat High
CVE-2021-42340 was published for org.apache.tomcat:tomcat (Maven) Oct 15, 2021
sunSUNQ
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which... High Unreviewed
CVE-2010-4657 was published Apr 21, 2022
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2024-21789 was published Feb 14, 2024
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and... High Unreviewed
CVE-2007-4103 was published May 1, 2022
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion High
CVE-2020-15114 was published for go.etcd.io/etcd (Go) Jan 31, 2024
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2023-20095 was published Nov 1, 2023
golang.org/x/text/language Denial of service via crafted Accept-Language header High
CVE-2022-32149 was published for golang.org/x/text (Go) Oct 14, 2022
rbeuque74
Use of uninitialized buffer in rkyv High
CVE-2021-31919 was published for rkyv (Rust) Aug 25, 2021
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect... High Unreviewed
CVE-2021-1620 was published May 24, 2022
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will... High Unreviewed
CVE-2019-3883 was published May 13, 2022
Uncontrolled Resource Consumption in promhttp High
CVE-2022-21698 was published for github.com/prometheus/client_golang (Go) Feb 16, 2022
dgl
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database